There's more worrying news for Android users and this time it has nothing to do with installing rogue applications from Google's Play Store. A new report from the security team at Trend Micro has exposed a new type of attack which sees smartphones coming pre-loaded with malware right out of the box. This means owners could see their data, private messages and even one-time passwords intercepted by hackers without installing any apps or additional software. In fact, the minute the device is switched on for the first time it's immediately under siege from online crooks.
It appears that a large cybercrime enterprise known as the "Lemon Group" has managed to infiltrate the supply chain network and add data-stealing malware before devices are shipped to consumers.
"The criminal group has infected millions of Android devices, mainly mobile phones, but also smart watches, smart TVs and more," explained Trend Micro.
"The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages, social media and online messaging accounts and monetization via advertisements and click fraud."
It's currently unclear how the attacks are taking place and what methods are being used to install the bugs but it's thought that over 8.9 million devices could already be infected worldwide.
According to Trend Micro, users in the US, Mexico and South Africa are some of the most likely to be affected but it's still a concern for those investing in Android.
There's been no mention of exactly which phones have been targeted but it appears budget devices from smaller brands are top of the hacker's hit list.
That means those with devices from firms such as Oppo, OnePlus, Google and Samsung should be able to sleep more easily.
"Big brands like Samsung, like Google took care of their supply chain security relatively well, but for threat actors, this is still a very lucrative market," explained Then Micro's Fyodor Yarochkin.
Although these popular brands seem safe, this latest news is a good reminder to check before installing new apps and only download software you know is safe.